Proposed fix: Enable LoRA PII auto-detection for Issue #647 #648
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yossiovadia
requested review from
Xunzhuo,
rootfs and
wangchen615
as code owners
✅ Deploy Preview for vllm-semantic-router ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
👥 vLLM Semantic Team NotificationThe following members have been identified for the changed files in this PR and have been automatically assigned: 📁
|
Collaborator
Author
Further Investigation on 0.9 ConfidenceI conducted additional investigation to understand where the uniform 0.9 confidence originates. Test: Pure Python Model InferenceCreated a standalone Python test that loads the LoRA PII model directly using HuggingFace transformers (bypassing ALL semantic-router code - no Go, no Rust FFI). Test script: https://gist.github.com/yossiovadia/c1a0e822e836d73db68ea9fe9e321adc Results: Conclusion: The LoRA PII model itself produces varied probabilistic confidence scores, not uniform 0.9. Code Path AnalysisTraced the inference path through the codebase:
HypothesisThe uniform 0.9 likely comes from aggregation behavior in The mystery: Why does this averaging consistently produce exactly 0.9? This suggests either:
How to Reproduce# Install dependencies
pip install peft transformers torch
# Run the test
python3 test_lora_pii_pure_python.pyThe test will show the model produces varied confidence scores when accessed directly via Python/HuggingFace. Bottom LineThe uniform 0.9 is not from our Issue #647 changes or any hardcoded value in semantic-router. It appears to be an artifact of how the Rust/Candle LoRA implementation processes and aggregates token classifications, which differs from the Python/HuggingFace inference path. Despite this quirk, the core improvement remains: 27% → 73% success rate with correct entity types. |
Collaborator
Author
Further Investigation: Jailbreak LoRA Confidence ComparisonTo isolate the uniform 0.9 confidence issue, I tested the jailbreak LoRA model using the same semantic-router pathway (Go → Rust → Candle). Test Results:Jailbreak LoRA Model via Classification API (
Test script: https://gist.github.com/yossiovadia/3c016171b776d2ed1b62cacdeb452e7a Sample output: Comparison:
Root Cause:The uniform 0.9 confidence is specific to PII token classification in the Rust/Candle pathway: Jailbreak implementation ( let (predicted_class, confidence) = self.bert_classifier.classify_text(text)
PII implementation ( let token_results = self.bert_token_classifier.classify_tokens(text)
let final_confidence = confidence_scores.iter().sum::<f32>() / confidence_scores.len() as f32
The uniform 0.9 originates from the Rust token classification implementation ( |
Xunzhuo
reviewed
Nov 16, 2025
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 18, 2025
…orm 0.9 confidence Issue vllm-project#647 reported uniform 0.9 confidence scores in PII detection. Root cause: Training with FP16 (torch.float16) compresses confidence score distributions due to limited mantissa precision (~10-11 significant bits). Token classification requires precise per-token probability distributions. Fix: Force torch.float32 for all PII token classification training, ensuring proper confidence score variance and accurate entity detection probabilities. This fix complements PR vllm-project#648 which enables LoRA PII model auto-detection. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 18, 2025
…lm-project#681 merge After PR vllm-project#681 merge, Categories no longer have ModelScores field. The reasoning config moved to Decisions.ModelRefs, but there's no direct mapping from category names to decision names. Set useReasoning=false as safe default until proper category-to-decision mapping is implemented. Related: PR vllm-project#648, PR vllm-project#681 Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 18, 2025
Critical bug fix for PR vllm-project#648 CI failures. **Root Cause:** The new auto-detecting PII classifier API was not receiving the PII configuration mapping (pii_type_mapping.json), causing: - 0% PII detection accuracy (classifier didn't know which entities to detect) - 0/100 requests blocked (blocking policy received incomplete results) **The Bug:** Changed from ClassifyModernBertPIITokens(text, configPath) to ClassifyCandleBertTokens(text) - dropping the configPath parameter. **The Fix:** Use ClassifyCandleBertTokensWithLabels(text, id2labelJSON) to pass the PII entity mapping configuration to the classifier. **Testing:** - Local testing worked because it was using old code (ModernBERT path) - CI failed because it builds from PR branch (new auto-detect path) - This fix ensures both LoRA and Traditional paths receive PII config **Related:** - Fixes CI test failures in integration-test jobs - LoRA loading still shows 'hidden_act' error but falls back to ModernBERT - ModernBERT fallback now works correctly with this fix 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
a9f3877 to
c2f59cd
Compare
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
f3b7253 to
c298067
Compare
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
4822c60 to
20ef032
Compare
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
70aba9b to
27224c9
Compare
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 20, 2025
The previous policy.go changes added a default_decision fallback mechanism that broke aibrix profile. Aibrix uses static YAML config and doesn't have a default_decision defined. Reverting to the upstream version from PR vllm-project#688 that passed aibrix tests successfully. Related to vllm-project#648 Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
b398c1f to
4ce1bbc
Compare
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 20, 2025
The aibrix profile uses static YAML configuration (not CRDs). The PII policy checker has a fallback to 'default_decision' when no decision name is provided, but aibrix didn't define this decision. This caused all PII detection requests to be allowed (0% accuracy). Adding default_decision with PII enabled (pii_types_allowed: []) ensures that the fallback logic works correctly for aibrix, matching the behavior expected by the E2E PII detection tests. Related to vllm-project#648 Signed-off-by: Yossi Ovadia <[email protected]>
…ed classification This change ensures the ExtProc router uses the same UnifiedClassifier (LoRA-based) instance as the Classification API, fixing inconsistent model selection behavior. **Problem:** - Classification API (port 8080) used UnifiedClassifier (LoRA models) - ExtProc router (port 8801) used legacy Classifier (traditional BERT) - This caused different classification results for the same query, leading to incorrect model selection in category-based routing **Solution:** 1. Wire UnifiedClassifier from ClassificationService to legacy Classifier 2. Add delegation in Classifier.ClassifyCategoryWithEntropy() to use UnifiedClassifier when available 3. Add GetUnifiedClassifier() method to ClassificationService **Changes:** - router.go: Wire UnifiedClassifier to Classifier during initialization - classifier.go: Delegate to UnifiedClassifier before trying in-tree classifier, add classifyWithUnifiedClassifier() helper method - classification.go: Add GetUnifiedClassifier() getter method Related to vllm-project#640 Co-Authored-By: Claude <[email protected]> Signed-off-by: Yossi Ovadia <[email protected]>
Switch PII classification from hardcoded ModernBERT to auto-detecting Candle BERT classifier. The Rust layer already has built-in auto-detection that checks for lora_config.json and routes to LoRA or Traditional models. Changes: 1. Init: Use InitCandleBertTokenClassifier (has auto-detect built-in) 2. Inference: Use ClassifyCandleBertTokens (auto-routes to initialized classifier) This enables LoRA PII models to work automatically without config changes, providing higher confidence scores for PII entity detection. Fixes vllm-project#647 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Yossi Ovadia <[email protected]>
…config Add two comprehensive PII testing tools and update e2e configuration to use LoRA PII model instead of broken ModernBERT model. Changes: 1. Add 06-a-test-pii-direct.py - 37 comprehensive PII test cases - Tests email, SSN, credit card, phone, person names, addresses, etc. - Validates confidence scores and entity type accuracy - Compares ModernBERT vs LoRA performance 2. Add pii-confidence-benchmark.py - 84-prompt benchmark tool - Tests diverse PII patterns and formats - Outputs detailed statistics (precision, recall, F1 score) - Generates JSON results for analysis - Measures processing time and confidence distribution 3. Update config/testing/config.e2e.yaml - Change model_id to lora_pii_detector_bert-base-uncased_model - Update pii_mapping_path to match LoRA model structure - Required because ModernBERT model is incompatible with auto-detection code Note: The old ModernBERT PII model lacks the hidden_act field required by Traditional BERT classifier, causing fatal initialization errors. Test Results with LoRA model: - Overall: 88% accuracy (74/84 prompts) - Precision: 95.5% (when detected, almost always correct) - Recall: 90.0% (detects 90% of actual PII) - F1 Score: 0.926 - All confidence scores: 0.9 (uniform, see caveat in vllm-project#647) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Yossi Ovadia <[email protected]>
Update MockPIIInitializer.Init() to include numClasses parameter to match the PIIInitializer interface changes. This fixes the CI test failure where the mock didn't properly implement the updated interface signature. Signed-off-by: Yossi Ovadia <[email protected]>
- Run black formatter on Python test files - Update MockPIIInitializer to match interface changes Fixes CI pre-commit and test-and-build failures. Signed-off-by: Yossi Ovadia <[email protected]>
Implement graceful fallback strategy for PII initialization: 1. Try auto-detecting InitCandleBertTokenClassifier (enables LoRA) 2. Fallback to InitModernBertPIITokenClassifier if auto-detect fails This maintains backward compatibility with existing ModernBERT models that have incomplete configs (e.g., missing hidden_act field) while still enabling LoRA PII models when available. Also disable PII for caching tests (not needed for those test cases). Resolves test failures while preserving the 27% → 73% improvement. Signed-off-by: Yossi Ovadia <[email protected]>
…lm-project#681 merge After PR vllm-project#681 merge, Categories no longer have ModelScores field. The reasoning config moved to Decisions.ModelRefs, but there's no direct mapping from category names to decision names. Set useReasoning=false as safe default until proper category-to-decision mapping is implemented. Related: PR vllm-project#648, PR vllm-project#681 Signed-off-by: Yossi Ovadia <[email protected]>
…or all requests
This fixes the E2E PII detection test failures (0% detection rate) by ensuring
PII detection is always enabled, even when no specific decision matches.
Previously, requests with model='MoM' (used by E2E tests) did not match any
decision criteria, causing decisionName to be empty. This triggered the check:
if decisionName == '' { return false } // PII detection disabled
The fix adds a catch-all default_decision with:
- priority: 1 (lowest - matches only if nothing else does)
- type: 'always' (matches any request)
- pii_types_allowed: [] (blocks ALL PII for safety)
This ensures the 100 E2E PII test cases will be blocked correctly.
Fixes vllm-project#647 E2E test failures
Signed-off-by: Yossi Ovadia <[email protected]>
After PR vllm-project#681 introduced decision-based routing, PII detection requires a decision to be selected. Using model="MoM" triggers domain classification, but PII test data is domain-agnostic, so no domain matches, no decision is selected, and PII detection gets disabled. Solution: Use model="base-model" directly which matches all decisions in the CRD. This ensures a decision is selected and PII detection is enabled. This still tests LoRA PII auto-detection as configured in the classifier settings, but ensures the decision-based PII plugin is activated. Signed-off-by: Yossi Ovadia <[email protected]>
… accuracy)
This commit addresses all root causes of the 0% PII detection accuracy in E2E tests
by applying 5 critical fixes across reconciler, policy checker, E2E framework, and CRDs.
The E2E PII test failures were caused by a chain of 5 distinct issues:
1. **CRD Decision Loading Bug** - Reconciler didn't copy decisions to top-level RouterConfig
2. **Race Condition** - Tests ran before CRD reconciliation completed
3. **Invalid CRD Model References** - Using LoRA adapter name as model name
4. **Missing Default Decision Fallback (IsPIIEnabled)** - PII detection disabled when no decision matched
5. **Missing Default Decision Fallback (CheckPolicy)** - PII policy enforcement failed even after detection
**File**: `src/semantic-router/pkg/k8s/reconciler.go:266`
Added:
```go
// CRITICAL: Also update top-level Decisions field for PII policy lookups
// The Decisions field is used by GetDecisionByName() which is called by PII policy checker
newConfig.Decisions = intelligentRouting.Decisions
```
**Impact**: This is the critical root cause fix. Without this, `GetDecisionByName()`
always returned nil because it looks up from `c.Decisions`, not `c.IntelligentRouting.Decisions`.
**File**: `e2e/profiles/dynamic-config/profile.go:239-251`
Added `waitForCRDReconciliation()` with 10-second delay after CRD deployment.
**Impact**: Prevents race condition where tests execute before the reconciler's
5-second polling cycle completes, ensuring CRD configuration is fully loaded.
**Files**:
- `deploy/helm/semantic-router/crds/vllm.ai_intelligentpools.yaml`
- `deploy/kubernetes/crds/vllm.ai_intelligentpools.yaml`
- `src/semantic-router/pkg/apis/vllm.ai/v1alpha1/types.go`
Added `PIIModelConfig` type with Kubernetes validation for:
- `modelPath` (required, 1-500 chars)
- `modelType` (optional, max 50 chars, e.g., "auto" for auto-detection)
- `threshold` (optional, 0.0-1.0)
- `useCPU` (optional boolean)
**Impact**: Enables proper CRD validation and configuration for LoRA PII auto-detection.
**Files**:
- `e2e/profiles/dynamic-config/crds/intelligentpool.yaml`
- `e2e/profiles/dynamic-config/crds/intelligentroute.yaml`
Added PII model configuration to IntelligentPool:
```yaml
piiModel:
modelPath: "models/lora_pii_detector_bert-base-uncased_model"
modelType: "auto"
threshold: 0.7
useCPU: true
```
Added default catch-all decision to IntelligentRoute:
```yaml
- name: "default_decision"
priority: 1
signals:
operator: "OR"
conditions:
- type: "keyword"
name: "catch_all"
modelRefs:
- model: "base-model"
loraName: "general-expert"
plugins:
- type: "pii"
configuration:
enabled: true
pii_types_allowed: []
```
**Impact**: Ensures PII detection is always enabled for unmatched requests with proper model configuration.
**File**: `src/semantic-router/pkg/utils/pii/policy.go`
Applied fallback to `"default_decision"` in both functions:
**IsPIIEnabled** (lines 17-21):
```go
if decisionName == "" {
decisionName = "default_decision"
logging.Infof("No decision specified, trying default decision: %s", decisionName)
}
```
**CheckPolicy** (lines 53-57):
```go
if decisionName == "" {
decisionName = "default_decision"
logging.Infof("No decision specified for CheckPolicy, trying default decision: %s", decisionName)
}
```
**Impact**: Enables PII detection and policy enforcement even when no specific route matches,
by falling back to the catch-all `default_decision` configured in the CRD.
**File**: `deploy/helm/semantic-router/values.yaml`
Added to model downloads:
```yaml
- name: lora_pii_detector_bert-base-uncased_model
repo: LLM-Semantic-Router/lora_pii_detector_bert-base-uncased_model
```
**Impact**: Ensures LoRA PII detection model is available for auto-detection feature.
**Before Fix**: 0% PII Detection Accuracy (0/100 tests passed)
**After Fix**: 100% PII Detection Accuracy (100/100 tests passed)
Verified locally using Kind cluster with `dynamic-config` profile:
- All 100 PII test cases correctly blocked
- No false negatives
- Proper PII entity detection (PERSON, CREDIT_CARD, EMAIL, IP_ADDRESS, etc.)
- Decision-based routing working correctly with CRD configuration
Each fix addresses a different layer of the PII detection pipeline:
1. **Reconciler Fix** - Enabled CRD decisions to be loaded into memory
2. **Race Condition Fix** - Ensured decisions were loaded before tests ran
3. **CRD Schema Updates** - Added proper validation and configuration support
4. **CRD Configuration** - Provided actual default decision and PII model config
5. **Policy Fallbacks** - Enabled PII detection/enforcement when no route matched
Without any single fix, the test would still fail with 0% accuracy.
Core Fixes:
- src/semantic-router/pkg/k8s/reconciler.go
- src/semantic-router/pkg/utils/pii/policy.go
- e2e/profiles/dynamic-config/profile.go
CRD Schemas:
- deploy/helm/semantic-router/crds/vllm.ai_intelligentpools.yaml
- deploy/kubernetes/crds/vllm.ai_intelligentpools.yaml
- src/semantic-router/pkg/apis/vllm.ai/v1alpha1/types.go
- src/semantic-router/pkg/apis/vllm.ai/v1alpha1/zz_generated.deepcopy.go
E2E Test Configuration:
- e2e/profiles/dynamic-config/crds/intelligentpool.yaml
- e2e/profiles/dynamic-config/crds/intelligentroute.yaml
- e2e/profiles/dynamic-config/values.yaml
Helm Chart:
- deploy/helm/semantic-router/values.yaml
Minor YAML Formatting (no functional change):
- deploy/helm/semantic-router/crds/vllm.ai_intelligentroutes.yaml
- deploy/kubernetes/crds/vllm.ai_intelligentroutes.yaml
Fixes vllm-project#647
Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
9aa2b1e to
f7a957b
Compare
yossiovadia
added a commit
to yossiovadia/semantic-router
that referenced
this pull request
Nov 20, 2025
The aibrix profile uses static YAML configuration (not CRDs). The PII policy checker has a fallback to 'default_decision' when no decision name is provided, but aibrix didn't define this decision. This caused all PII detection requests to be allowed (0% accuracy). Adding default_decision with PII enabled (pii_types_allowed: []) ensures that the fallback logic works correctly for aibrix, matching the behavior expected by the E2E PII detection tests. Related to vllm-project#648 Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
f7a957b to
444fbf8
Compare
…r ai-gateway
This commit fixes PII detection test failures for both dynamic-config and ai-gateway
profiles by implementing profile-specific model configuration and switching ai-gateway
from ModernBERT to LoRA-based PII detection.
## Problem
The PII detection E2E test was hardcoding "model": "general-expert", which caused
different issues across profiles:
1. **Dynamic-config**: Using "general-expert" directly bypassed the decision engine,
resulting in decision="" (empty string), causing PII policy lookups to fail → 0% accuracy
2. **AI-gateway**: Using outdated ModernBERT PII model which wasn't detecting any PII
entities during requests → 0% accuracy
## Root Causes
**Dynamic-config failure**:
- When test uses model="general-expert" directly, semantic router treats it as a
specified model (reason_code="model_specified"), NOT triggering decision engine
- Without decision routing, no decision name is set (decision="")
- PII policy code requires a valid decision name to check policies
- Result: PII detection disabled, 0/100 tests passed
**AI-gateway failure**:
- Profile was using legacy ModernBERT PII model (models/pii_classifier_modernbert-base_presidio_token_model)
- ModernBERT classifier initialized but never actually called during requests
- No "PII token classification" logs or "Detected PII" messages in test runs
- LoRA PII model proven to work correctly in dynamic-config profile
- Result: No PII detection, 0/100 tests passed
## Solution
### 1. Make PII Test Model Name Configurable (e2e/testcases/pii_detection.go)
**Change**: Added E2E_TEST_MODEL environment variable support
```go
// Get model name from environment, default to "general-expert" for backward compatibility
modelName := os.Getenv("E2E_TEST_MODEL")
if modelName == "" {
modelName = "general-expert"
}
```
**Why**: Different profiles need different model names:
- **dynamic-config**: Needs "MoM" to trigger decision engine routing
- **ai-gateway**: Can use "general-expert" (already configured as direct model)
**Impact**: Enables per-profile model configuration without test code changes
### 2. Configure Dynamic-Config to Use MoM Model (e2e/profiles/dynamic-config/profile.go)
**Change**: Set environment variable in Setup() method
```go
// Configure PII test to use MoM model for decision-based routing
os.Setenv("E2E_TEST_MODEL", "MoM")
```
**Why**:
- "MoM" (Mixture of Models) triggers the decision engine
- Decision engine classifies request → matches decision → enables PII detection
- "general-expert" bypasses decision engine → no decision → PII detection fails
**Impact**: Dynamic-config now gets 100/100 PII tests passed (100% accuracy)
### 3. Switch AI-Gateway to LoRA PII Detection (e2e/profiles/ai-gateway/values.yaml)
**Change 1**: Updated pii_model configuration to use LoRA auto-detection
```yaml
pii_model:
model_id: "models/lora_pii_detector_bert-base-uncased_model"
model_type: "auto" # Enables LoRA auto-detection
threshold: 0.7
use_cpu: true
pii_mapping_path: "models/lora_pii_detector_bert-base-uncased_model/pii_type_mapping.json"
```
**Why**:
- ModernBERT PII model was not detecting any PII (0% accuracy)
- LoRA PII model proven to work (dynamic-config achieved 100% accuracy)
- model_type: "auto" enables automatic LoRA model detection
- Same model used across all profiles for consistency
**Change 2**: Added default_decision for fallback PII detection
```yaml
- name: default_decision
description: "Default catch-all decision - blocks all PII for safety"
priority: 0
plugins:
- type: "pii"
configuration:
enabled: true
pii_types_allowed: []
```
**Why**:
- PII policy code (src/semantic-router/pkg/utils/pii/policy.go) falls back to "default_decision"
- When decision name is empty or not found, policy.go tries default_decision
- Ensures PII detection is always enabled, even for unmatched requests
**Impact**: AI-gateway now gets 100/100 PII tests passed (100% accuracy)
## Testing
**Before Fix**:
- dynamic-config: 0/100 PII tests passed (0% accuracy)
- ai-gateway: 0/100 PII tests passed (0% accuracy)
**After Fix**:
- dynamic-config: 100/100 PII tests passed (100% accuracy) ✅
- ai-gateway: 100/100 PII tests passed (100% accuracy) ✅
**Test Commands**:
```bash
# Dynamic-config profile
make e2e-cleanup && make e2e-test E2E_PROFILE=dynamic-config E2E_VERBOSE=true E2E_KEEP_CLUSTER=true
# AI-gateway profile
make e2e-cleanup && make e2e-test E2E_PROFILE=ai-gateway E2E_VERBOSE=true E2E_KEEP_CLUSTER=true
```
## Files Changed
1. **e2e/testcases/pii_detection.go** (Lines 136-140)
- Added E2E_TEST_MODEL environment variable support
- Defaults to "general-expert" for backward compatibility
- Enables profile-specific model configuration
2. **e2e/profiles/dynamic-config/profile.go** (Lines 46-47)
- Sets E2E_TEST_MODEL=MoM in Setup()
- Forces decision-based routing for PII tests
- Ensures decision name is populated for PII policy checks
3. **e2e/profiles/ai-gateway/values.yaml** (Lines 413-432, 490-497)
- Added default_decision for PII policy fallback
- Switched pii_model from ModernBERT to LoRA auto-detection
- Aligned with dynamic-config's working configuration
## Why This Works
**Dynamic-config**:
1. Test uses model="MoM" (via E2E_TEST_MODEL env var)
2. Triggers decision engine → classifies to decision (e.g., "other_decision")
3. Decision has PII plugin enabled → PII detection runs
4. LoRA PII classifier detects entities → policy blocks request ✅
**AI-gateway**:
1. Test uses model="general-expert" (default, no env var set)
2. Routes to decision (either matched or falls back to default_decision)
3. Decision has PII plugin enabled → PII detection runs
4. LoRA PII classifier detects entities → policy blocks request ✅
Both profiles now use the same proven LoRA PII detection model with 100% accuracy.
Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
444fbf8 to
8034e8a
Compare
This commit fixes PII detection test failures for the aibrix profile by switching
from the non-functional ModernBERT PII model to LoRA-based auto-detection, matching
the configuration already proven to work in dynamic-config and ai-gateway profiles.
## Problem
The aibrix profile PII detection test was failing with 0% accuracy (0/100 tests passed).
All 100 PII test requests were passing through without being blocked, even though they
contained sensitive data like credit cards, SSNs, emails, and IP addresses.
## Root Causes
**Same issues as ai-gateway had before the previous fix**:
1. **Using outdated ModernBERT PII model**:
- Profile was using `models/pii_classifier_modernbert-base_presidio_token_model`
- ModernBERT classifier initialized but never detected any PII entities
- No "Detected PII" or "PII token classification" logs during test runs
- Result: 0% detection accuracy
2. **Missing default_decision fallback**:
- No catch-all decision for PII policy fallback mechanism
- PII policy code (src/semantic-router/pkg/utils/pii/policy.go) falls back to "default_decision"
- Without it, edge cases with empty decision names would disable PII detection
3. **No profile-specific model configuration**:
- Test was using inherited E2E_TEST_MODEL from previous test runs
- Not explicitly configured for aibrix's model: vllm-llama3-8b-instruct
- Could cause inconsistent behavior across test runs
## Solution
### 1. Switch AIBrix to LoRA PII Detection (deploy/kubernetes/aibrix/semantic-router-values/values.yaml)
**Change 1**: Updated pii_model configuration (lines 459-466)
```yaml
pii_model:
# Support both traditional (modernbert) and LoRA-based PII detection
# When model_type is "auto", the system will auto-detect LoRA configuration
model_id: "models/lora_pii_detector_bert-base-uncased_model"
model_type: "auto" # Enables LoRA auto-detection
threshold: 0.7
use_cpu: true
pii_mapping_path: "models/lora_pii_detector_bert-base-uncased_model/pii_type_mapping.json"
```
**Why**:
- ModernBERT PII model was not detecting any PII (0% accuracy in tests)
- LoRA PII model proven to work in both dynamic-config and ai-gateway (100% accuracy)
- `model_type: "auto"` enables automatic LoRA model detection
- Uses same battle-tested model across all profiles for consistency
- Aligns aibrix configuration with the working profiles
**Change 2**: Added default_decision for fallback (lines 386-401)
```yaml
- name: default_decision
description: "Default catch-all decision - blocks all PII for safety"
priority: 0
rules:
operator: "OR"
conditions:
- type: "domain"
name: "other"
modelRefs:
- model: vllm-llama3-8b-instruct
plugins:
- type: "pii"
configuration:
enabled: true
pii_types_allowed: []
```
**Why**:
- PII policy code falls back to "default_decision" when decision lookup fails
- Priority 0 ensures it's only used as last resort
- Blocks all PII types for maximum safety
- Prevents edge cases where PII detection would be disabled
- Required by fallback mechanism in src/semantic-router/pkg/utils/pii/policy.go
### 2. Configure AIBrix Profile Test Model (e2e/profiles/aibrix/profile.go)
**Change**: Set environment variable in Setup() method (lines 84-85)
```go
// Configure PII test to use vllm-llama3-8b-instruct model
os.Setenv("E2E_TEST_MODEL", deploymentDemoLLM)
```
where `deploymentDemoLLM = "vllm-llama3-8b-instruct"`
**Why**:
- AIBrix uses different model names than dynamic-config/ai-gateway
- Ensures test explicitly uses the correct aibrix model
- Prevents reliance on environment variable inheritance from other tests
- Matches the approach used in dynamic-config profile (sets E2E_TEST_MODEL=MoM)
- Makes test behavior predictable and independent
## Testing
**Before Fix**:
- aibrix: 0/100 PII tests passed (0% accuracy) ❌
**After Fix**:
- aibrix: 100/100 PII tests passed (100% accuracy) ✅
**Test Command**:
```bash
make e2e-cleanup && make e2e-test E2E_PROFILE=aibrix E2E_VERBOSE=true E2E_KEEP_CLUSTER=true
```
**Verified**: No impact on other profiles (dynamic-config and ai-gateway) as changes are isolated to aibrix-specific files only.
## Files Changed
1. **deploy/kubernetes/aibrix/semantic-router-values/values.yaml** (Lines 386-401, 459-466)
- Added default_decision for PII policy fallback
- Switched pii_model from ModernBERT to LoRA auto-detection
- Aligned with dynamic-config and ai-gateway working configuration
2. **e2e/profiles/aibrix/profile.go** (Lines 84-85)
- Sets E2E_TEST_MODEL=vllm-llama3-8b-instruct in Setup()
- Ensures profile-specific model configuration
- Makes test behavior independent and predictable
## Why This Works
**AIBrix flow**:
1. Test uses model="vllm-llama3-8b-instruct" (via E2E_TEST_MODEL env var)
2. Routes to decision (either matched or falls back to default_decision)
3. Decision has PII plugin enabled → PII detection runs
4. LoRA PII classifier detects entities (credit cards, SSNs, emails, etc.)
5. Policy blocks request → 100% accuracy ✅
All three profiles (dynamic-config, ai-gateway, aibrix) now use the same proven
LoRA PII detection model with 100% accuracy across all E2E tests.
## Summary of All Profiles
| Profile | PII Detection | Configuration |
|---------|--------------|---------------|
| dynamic-config | 100/100 (100%) ✅ | LoRA auto-detection, model=MoM |
| ai-gateway | 100/100 (100%) ✅ | LoRA auto-detection, model=general-expert |
| aibrix | 100/100 (100%) ✅ | LoRA auto-detection, model=vllm-llama3-8b-instruct |
Signed-off-by: Yossi Ovadia <[email protected]>
yossiovadia
force-pushed
the
fix/pii-lora-auto-detect
branch
from
8034e8a to
13b254f
Compare
Collaborator
Author
|
Finally :) I'm working on a shorter PR , please dont merge/approve this one. i'll use it as reference. |
Collaborator
Author
|
This will be resolved by a cleaner #709 option. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
While investigating Issue #647 (PII detection confidence issues), I discovered that PII classification appears to be hardcoded to ModernBERT, even though:
lora_config.jsonchecksObservations
Current behavior:
InitModernBertPIITokenClassifier()/ClassifyModernBertPIITokens()After switching to auto-detection:
InitCandleBertTokenClassifier()/ClassifyCandleBertTokens()(same as intent classifier)Proposed Changes
I wanted to share this potential fix for your review. The changes are minimal (23 lines in classifier.go) and leverage existing auto-detection infrastructure:
Current (Hardcoded):
Proposed (Auto-Detection):
The Rust layer handles auto-detection by checking for
lora_config.jsonpresence.Test Results
Created comprehensive test suite (37 diverse PII cases):
Example improvements:
EMAIL_ADDRESS(0.9) instead ofPERSON(0.52)US_SSN(0.9) instead of failed/low confidenceCREDIT_CARD(0.9) - previously failedPHONE_NUMBER(0.9) - previously failedFiles in This PR
Questions for Maintainers
Testing
Backward Compatibility
use_modernbertfield behavior unchanged (was already ignored)Happy to adjust this approach based on your architectural preferences. The main goal is enabling better PII detection for Issue #647.